Securing OSGi Applications

Securing OSGi applications is very similar to securing enterprise applications. For most security frameworks, no additional steps are required. For Java™ 2 security, there is some optional extra configuration that is specific to OSGi Applications.

About this task

For most security frameworks that are supported by WebSphere® Application Server, configuring security for OSGi applications requires no additional steps to those that are required for enterprise applications. For example: If you enable security, and you add a secure asset, you must specify a target server that is in the global security domain. This requirement is the same whether the asset is an enterprise application or an OSGi application.

For application security with OSGi applications, you can modify the security role to user or group mapping when you add the asset to the business-level application.

For Java 2 security in enterprise applications, you set permissions at the application level. For OSGi applications, you can also set Java 2 security permissions at the bundle level. To support this finer-grained security, there are extra configuration steps that you can complete when you create an OSGi application, when you migrate an enterprise application to an OSGi application, and when you add an enterprise bundle archive (EBA) asset to a business-level application.

Procedure


Icon that indicates the type of topic Task topic

Terms and conditions for information centers | Feedback


Timestamp icon Last updated: Tuesday, 19 June 2012
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-nd-mp&topic=ta_sec
File name: ta_sec.html